Pompompurin Unmasked: Infamous BreachForums Mastermind Arrested in New York
By:
Mar 18, 2023Ravie LakshmananCyber Crime / Data Breach
U.S. law enforcement authorities have arrested a New York man in connection with running the infamous BreachForums hacking forum under the...
Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials
By:
The advanced persistent threat known as Winter Vivern has been linked to campaigns targeting government officials in India, Lithuania, Slovakia, and the Vatican since 2021.
The activity targeted Polish...
Multiple Hacker Groups Exploit 3-Year-Old Vulnerability to Breach U.S. Federal Agency
By:
Mar 16, 2023Ravie LakshmananCyber Attack / Vulnerability
Multiple threat actors, including a nation-state group, exploited a critical three-year-old security flaw in Progress Telerik to break into an unnamed federal...
Does Your Help Desk Know Who’s Calling?
By:
Mar 09, 2023The Hacker NewsPassword Security / Enterprise Security
Phishing, the theft of users' credentials or sensitive data using social engineering, has been a significant threat since the early...
Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments
By:
Mar 08, 2023Ravie LakshmananAdvanced Persistent Threat
High-profile government entities in Southeast Asia are the target of a cyber espionage campaign undertaken by a Chinese threat actor known as Sharp...
LastPass Hack: Engineer’s Failure to Update Plex Software Led to Massive Data Breach
By:
Mar 07, 2023Ravie LakshmananPassword Security / Software Update
The massive breach at LastPass was the result of one of its engineers failing to update Plex on their home computer,...
Chinese Hackers Targeting European Entities with New MQsTTang Backdoor
By:
Mar 03, 2023Ravie LakshmananThreat Intelligence / Cyber Attack
The China-aligned Mustang Panda actor has been observed using a hitherto unseen custom backdoor called MQsTTang as part of an ongoing...
Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware
By:
Mar 01, 2023Ravie LakshmananThreat Intelligence / Malware
Six different law firms were targeted in January and February 2023 as part of two disparate threat campaigns distributing GootLoader and FakeUpdates...
Dutch Police Arrest 3 Hackers Involved in Massive Data Theft and Extortion Scheme
By:
Feb 27, 2023Ravie Lakshmanan
The Dutch police announced the arrest of three individuals in connection with a "large-scale" criminal operation involving data theft, extortion, and money laundering.
The suspects include...
LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults
By:
Feb 28, 2023Ravie LakshmananPassword Security / Data Breach
LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said it...
